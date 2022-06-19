CERT-In recently issued threat alerts for multiple softwares including Adobe and Microsoft products

CERT-In (Computer Emergency Response Team), on their website, shared multiple vulnerabilities affecting products from Citrix, Adobe, Microsoft, and Zimbra webmail. The threat alerts came as part of incident prevention and security quality management services from the organisation.

Citrix products

The vulnerabilities in Citrix products are reported to affect Citrix Application Delivery Management (ADM) Products and can be used by attackers to cause security bypass and denial of service on affected systems.

The vulnerability according to the CERT-In report allows attackers to request the system to corrupt itself and reset the administrator password at the next device reboot. “Successful exploitation of this vulnerability could allow a remote attacker to bypass security and cause improper access control on an affected device”, the report stated.

The vulnerabilities can also be used to send specially-crafted request to prevent new licences from renewed or issued and can result in a denial of services on the affected system.

Adobe products

In Adobe products, vulnerabilities have been reported in multiple software that can be exploited by attackers to gain elevated privileges, execute arbitrary code, write arbitrary files on the file system and cause memory leak on the targeted system.

These vulnerabilities, according to the report, exist due to improper Input Validation, improper authorisation, heap-based buffer overflow and can be exploited by attackers by persuading the victim to open specially crafted files or applications which can allow attackers to gain elevated privileges and can be exploited to cause memory leaks. Software updates and security patches from Adobe are cited as a solution for the vulnerabilities.

Microsoft products

In Microsoft products vulnerabilities were reported in Microsoft Windows, Office Microsoft Net Framework, Microsoft Azure, SharePoint Server, SQL Server, Microsoft 365, Microsoft Visual Studio, Microsoft System Center Operations Manager, and Microsoft Browser.

These vulnerabilities expose affected systems to attacks to access sensitive information, bypass security restrictions, perform denial of services and perform Spoofing attacks or executing targeted systems. The report also provided solutions to these vulnerabilities in the form of June 2022 software updates released by Microsoft on their official website.

Zimbra webmail

CERT-In also reported vulnerabilities in Zimbra webmail that can be exploited by attackers to remotely execute arbitrary code and obtain sensitive information on the targeted systems. According to the threat report, the vulnerability exists due to the Memcached poisoning with unauthenticated requests and can be exploited by sending specially crafted requests to the target system. The vulnerability affects Zimbra version prior to 9.0.0 P24 and can be fixed with a simple software update.